Our site uses cookies to improve your experience of certain areas of the site and to allow the use of specific functionality like social media page sharing. You may delete and block all cookies from this site, but as a result parts of the site may not work as intended. By clicking any link on this page you are giving your consent.

Financials

News

Pool Re taps new markets for cyber terror risk

15 April 2019

The UK’s terrorism reinsurer, Pool Re, recently secured retro cover for its cyber terrorism risk offering, which included a first of its kind catastrophe bond placement. The deal demonstrates a welcome appetite for cyber risk among reinsurers and capital markets.

However, Pool Re’s cyber terrorism cover is not a complete solution for companies concerned with nation-state attacks and cyber incidents from other politically motivated groups.

Cyber CAT bond

In March, Pool Re announced the completion of a GBP 2.3 billion three year retrocession programme, one of the biggest reinsurance deals in the world and the largest terrorism risk placement ever. Interestingly, the programme included GBP 75 million from a new catastrophe bond, the first ever catastrophe terrorism bond.

Both the bond and the retro programme cover cyber terrorism, mirroring the cover provided by Pool Re to its member insurers.

The transaction is the latest example of the growing appetite for cyber risk from reinsurers and capital market investors.

In October 2018, the Finance Minister of Singapore announced the world’s first commercial cyber risk pool, backed by both insurance-linked securities (ILS) and reinsurance.

The proposed pool will provide up to USD 1 billion in capacity and has already attracted over 20 insurers.

Terror threat

To date there have not been any examples of terrorists or extremists using cyber to launch disruptive or destructive attacks, according to Pool Re.

However, the intent to do so has been expressed. There has also been at least one case of insider threat with the potential to enable or launch a cyber attack, for which an individual working at Heathrow was convicted of terrorist offences.

According to Pool Re’s 2018 Threat Analysis Report, terrorists appear to have a low cyber capability.

Yet the growing availability of cyber attack tools and the consistently high global terrorism threat make it essential to build a thorough understanding of terrorist groups’ capabilities and intent in this area, the report says.

Cyber attacks have never been easier to carry out, as the tools become increasingly available for anyone to acquire on the dark web, and as the ability to deliver more complex and higher impact attacks becomes commoditised, says Pool Re.

There is also the ongoing potential for nation-state developed offensive capabilities to be released unauthorised into the wild.

Coverage extension

In response to the emerging threat of cyber attacks, Pool Re extended its offering to include cyber terrorism. In April 2018, the reinsurance pool offered member insurers the option of including cover for material damage and direct business interruption, caused by acts of terrorism, using a cyber trigger.

While Pool Re recently extended its property cover to include non-damage business interruption, this does not extend to incidents triggered by remote digital means or cyber terrorism.

State-sponsored attacks

Cyber terrorism overlaps with another rising threat for businesses, state sponsored cyber attacks. These have been of growing concern following a number of high profile incidents — for instance, one researcher linked last year’s Marriott data breach to Chinese intelligence.

Iran is thought to be behind a series of cyber attacks against oil and gas companies in the Middle East, and the US blames Russia for the 2017 notPetya malware attack, which initially targeted organisations in Ukraine before spreading around the world.

Given its exclusion for state-sponsored acts of terror, Pool Re’s cyber terrorism cover would not protect against cyber attacks like notPetya.

The property market seems intent on not covering state-sponsored cyber losses and is willing to deny claims through the use of war clauses, which include broad language like “warlike” or “hostile acts”.

In contrast, the standalone cyber insurance market has shown a greater willingness to pay claims for cyber attacks that are linked to nation states.

It is also possible to purchase cover in the specialist cyber market for state sponsored attacks via write-backs, and there is some talk in the cyber market of ways to clarify coverage further.

For example, cyber insurers could exclude “kinetic warfare”, which would allow cover for non-physical losses caused by state sponsored cyber attacks.

TALK TO AN EXPERT

YOU MAY ALSO BE INTERESTED IN

Sarah Stephens

As part of Marsh JLT Specialty's London-based Financial Lines Group, Sarah and her team work both directly with our clients and with network colleagues and independent partners to make sense of cyber, technology, and media E&O (PI) risks and create leading edge bespoke insurance solutions in the London market.

Prior, Sarah spent 12 years with Aon in a variety of roles. Her last role at Aon was Head of Cyber & Commercial E&O for the Europe, Middle East, and Africa (EMEA) Region, working with colleagues across business groups and clients in the region to identify, analyse, and drive awareness of cyber risks, exposures, and both insurance and non-insurance solutions.

Previously, Sarah spent seven years with Aon’s US Cyber and Errors & Omissions practice group thinking nonstop about cyber insurance way before it was cool. Her first four years at Aon were spent in the Account Management group working with large clients and developing a keen eye for excellent client service.

Jardine Lloyd Thompson Group plc

Jardine Lloyd Thompson Group plc, incorporated and registered in England and Wales. Registered Office at The St Botolph Building, 138 Houndsditch, London, EC3A 7AW. Registered number 1679424. Jardine Lloyd Thompson Group plc is a holding company, some of whose subsidiaries are authorised and regulated by the Financial Conduct Authority.